Posts by sesquipedality@mendeddrum.org
(DIR) Post #ASnhOAy00v3qSikZPM by sesquipedality@mendeddrum.org
2023-02-18T10:07:20Z
0 likes, 0 repeats
@mjg59 So far as it goes, this is right. However, the issue with SMS authentication is that it provides the illusion of security while being easily circumventable by a black hat. It can then be used as a stick to beat the end user with., "Well, you authenticated using 2FA, so it must have been you that did it." It may also encourage users to worry less about reported password leaks. It is probably better than nothing, but these days, with better options common, it's a bad idea.
(DIR) Post #ASniXItY0RqRbyaHjM by sesquipedality@mendeddrum.org
2023-02-18T10:20:20Z
0 likes, 0 repeats
@mjg59 what I've read suggests that it is relatively easy to obtain access to this data by bad actors with the relevant know-how and some financial resources, but I think the key point is that it's a known weakness, and if you have a phone, these days you can install a 2FA app which doesn't have the same weaknesses. If a known and significant vulnerability can be eliminated, it probably should be.
(DIR) Post #ASnjRAVuM3BRpmAJo8 by sesquipedality@mendeddrum.org
2023-02-18T10:30:22Z
0 likes, 0 repeats
@mjg59 I think the answer to that is "by using something like authy and setting it up on multiple devices" but it's fair to say that that might be beyond the technological capabilities of many. Banks seem to use their apps for 2FA and are able to navigate lost phone scenarios, but as you say, that carries support cost for them. You are right that it's not a one dimensional trade-off though. SMS is also likely to be more accessible than app setup for those who find technology difficult.
(DIR) Post #ASnjtJH1NZ7l6vcZN2 by sesquipedality@mendeddrum.org
2023-02-18T10:31:21Z
0 likes, 0 repeats
@mjg59 Mostly I'm against SMS as the *only* 2FA option on offer.
(DIR) Post #AZDUfL5NncB2Sd3Df6 by sesquipedality@mendeddrum.org
2023-08-29T07:59:32Z
0 likes, 0 repeats
@mjg59 (1) to make you aware of the terms under which you are licensed to use the software (2) to prevent you arguing that you didn't knowingly violate the GPL because no one brought it to your attention.
(DIR) Post #AZDV3lj6OxXc2FHJlg by sesquipedality@mendeddrum.org
2023-08-29T08:02:33Z
1 likes, 1 repeats
@mjg59 now you could say no one does that on Linux, and you'd be right but (a) maybe they should (b) the expectation of windows users is different, they don't expect to have to go looking for a license. There's arguments for not doing it, but it's hardly bonkers.
(DIR) Post #AZr9eqBHorRxFUwVXM by sesquipedality@mendeddrum.org
2023-09-17T11:12:42Z
0 likes, 0 repeats
@mjg59 big "most schools not affected" evergy.
(DIR) Post #AZxLK9rFqhfguwM4bA by sesquipedality@mendeddrum.org
2023-09-20T10:51:09Z
0 likes, 0 repeats
@webmink @TheGuardian The cynic in me suggests that this may be as a result of all the transphobia harming their brand in Europe, and I wander if that will now be confined to the rainy fascist island edition.
(DIR) Post #Aagi5EZPFSSxWkFFZY by sesquipedality@mendeddrum.org
2023-10-12T08:08:28Z
0 likes, 0 repeats
@mjg59 Eben is an overloaded term. Given how tone deaf Raspberry Pi's social media presence has been of late, my brain went on an entirely different direction, which I am somewhat glad to see was the wrong one.
(DIR) Post #AbplQuWW5gKnEklxD6 by sesquipedality@mendeddrum.org
2023-11-15T14:52:04Z
0 likes, 0 repeats
@lowqualityfacts we do love a nice cup of steaming hot beer of an afternoon.
(DIR) Post #Aj5ZRWogXHFt4ZCdmq by sesquipedality@mendeddrum.org
2024-06-19T09:30:06Z
0 likes, 0 repeats
@ariadne @mjg59 again, not a software licensing expert, but from my perspective, if someone is going to take my work, build something on top of it, make money off it and not "share and share like" with the community, I want them to pay me. In practice, this of course means they won't try and build off my work, but I am OK with that. Whether that's an advantage to the "consumer" is I think a side issue. If I give my creative work away, I want its fruits to remain available to all.
(DIR) Post #Aj5ZRYyKWO9tl3jN68 by sesquipedality@mendeddrum.org
2024-06-19T09:31:51Z
0 likes, 0 repeats
@ariadne @mjg59 again, I am specifically not stanning for any license - I really don't care that much about licensing beyond using the one that most closely matches my achievable desires in publicly releasing my code. I thought I knew what that was. I am no longer so sure.
(DIR) Post #B2EilrDIK109SPTang by sesquipedality@mendeddrum.org
2026-01-13T07:11:20Z
0 likes, 0 repeats
@mjg59 i honestly understand bugger all about the technical details but it does seem weird to me that a screensaver is apparently deep magic that cannot be comprehended by Wayland.
(DIR) Post #B2EiltTfu5ICTn9hbs by sesquipedality@mendeddrum.org
2026-01-13T07:33:19Z
0 likes, 0 repeats
@mjg59 jwz says he can't port xacreensaver to Wayland and I guess he'd know. It's just so Linux for a bunch of people to go around saying "but we don't need (locking) screensavers any more" which (a) misses the (lack of) point spectacularly and (b) is arguably wrong in the case of OLED screens. I have no skin in the game really and will probably use Wayland when it makes its way into Mint, but it seems like something every other windowing systern can do and the design should have allowed for.